Securing SCADA-based Critical Infrastructures: Challenges and Open Issues

Tariq, Noshina; Asim, Muhammad; Khan, Farrukh Aslam

doi:10.1016/j.procs.2019.08.086

Cited by 40 publications

(25 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [26], Baker et al proposed identity-based cryptography and signature schemes to reinforce the integrity, security, and privacy of SCADAbased IoT CI at the fog layer. Also in [27] the open issues related to the security protection of IoT-enabled SCADA system were investigated. The authors emphasized physical, cyber, geographic, and logical CIs dependencies and interdependencies on other infrastructure (i.e.…”

Section: Related Workmentioning

confidence: 99%

Securing Seaport Logistic Vehicles Using a Distributed Ledger-Based Credential Management System

Tesei

Lattuca

Tardo

et al. 2021

IEEE Open J. Veh. Technol.

View full text Add to dashboard Cite

Major maritime carriers are globally demanding improvements in the efficiency of port operations. Cargo carried by ships must be loaded and unloaded quickly with minimal stopover time in the port. This requirement mandates seaports to deploy cutting-edge technology to the port area so that logistic processes are increasingly efficient and reliable. In this scenario, the attack surface of such critical infrastructure is growing very rapidly and advanced security techniques must be deployed to enforce a high attack resilience. A Distributed Ledger-based Credential Management System exploiting a Distributed Ledger Technology (DLT) to enable transparent and real-time tracking of logistic vehicles and cargos within a terminal is presented in this paper. Based on a customization of Vehicular Ad-Hoc Network (VANET) security standards, the proposed scheme provides authentication, authorization, and revocation capabilities to promptly exclude misbehaving logistic vehicles from the system, while maintaining an immutable record of all the logistic vehicles' activity. The laboratory validation demonstrates that the delay of the devised scheme is not dependent on the quay area capacity, thus being applicable in seaports of any size. Furthermore, the effectiveness of the solution is demonstrated with the field trial results obtained with the EU Horizon 2020 COREALIS project testbed deployed in the Port of Livorno.

show abstract

Section: Related Workmentioning

confidence: 99%

Securing Seaport Logistic Vehicles Using a Distributed Ledger-Based Credential Management System

Tesei

Lattuca

Tardo

et al. 2021

IEEE Open J. Veh. Technol.

View full text Add to dashboard Cite

show abstract

“…Among the other 24 papers the most common simulated attacks comprise attacks on general Internet protocols (11), command/response injection or modification (10), DoS (10) and attacks on SCADA protocols (7). The other simulated attacks were: reconnaissance (5), MITM (3), unauthorized access (1) and probing (1). Six studies present thorough specification and simulation of a number of realistic attacks, which were intended to jeopardize the particular control process [40], [43], [45], [51], [52], [56].…”

Section: B Test Environmentmentioning

confidence: 99%

“…network technologies, to present systems of the third generation that are fully networked and make use of the Internet technologies [1]. The upcoming fourth-generation SCADA systems adopt Industrial Internet of Things (IIoT) and the Future Internet (FIN) technologies such as cloud/fog computing, big data analytics, mobile computing, etc.…”

Section: Introductionmentioning

confidence: 99%

A Review of Research Work on Network-Based SCADA Intrusion Detection Systems

2020

View full text Add to dashboard Cite

Specific intrusion detection systems (IDSs) are needed to secure modern supervisory control and data acquisition (SCADA) systems due to their architecture, stringent real-time requirements, network traffic features and specific application layer protocols. This article aims to contribute to assess the state-ofthe-art, identify the open issues and provide an insight for future study areas. To achieve these objectives, we start from the factors that impact the design of dedicated intrusion detection systems in SCADA networks and focus on network-based IDS solutions. We propose a structured evaluation methodology that encompasses detection techniques, protected protocols, implementation tools, test environments and IDS performance. Special attention is focused on assessing implementation maturity as well as the applicability of each surveyed solution in the Future Internet environment. Based on that, we provide a brief description and evaluation of 26 selected research papers, published in the period 2015-2019. Results of our analysis indicate considerable progress regarding the development of machine learning-based detection methods, implementation platforms, and to some extent, sophisticated testbeds. We also identify research gaps and conclude the analysis with a list of the most important directions for further research.

show abstract

“…Supervisory Control and Data Acquisition (SCADA) systems play a significant role in providing remote access, monitoring and control of critical infrastructures (CIs), which includes power systems, water distribution systems, gas plants, wastewater collection systems, etc. [1][2][3][4]. The stringent real-time requirements, growing interconnectivity, standardization of communication protocols and remote accessibility of modern SCADA systems have contributed massively to the exposure of the infrastructures to various vulnerabilities and security challenges such as sabotage, terrorism and intrusions [5][6][7][8].…”

Section: Introductionmentioning

confidence: 99%

“…the authors in [27] reviewed SCADA cyber-security risk assessment methodologies. Tariq et al [1] reviewed cyber threats and defense mechanisms for securing SCADA-based CIs. Rakas et al [16] focused on network-based solutions for SCADA intrusions.…”

Section: Introductionmentioning

confidence: 99%

A Review of Research Works on Supervised Learning Algorithms for SCADA Intrusion Detection and Classification

et al. 2021

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems play a significant role in providing remote access, monitoring and control of critical infrastructures (CIs) which includes electrical power systems, water distribution systems, nuclear power plants, etc. The growing interconnectivity, standardization of communication protocols and remote accessibility of modern SCADA systems have contributed massively to the exposure of SCADA systems and CIs to various forms of security challenges. Any form of intrusive action on the SCADA modules and communication networks can create devastating consequences on nations due to their strategic importance to CIs’ operations. Therefore, the prompt and efficient detection and classification of SCADA systems intrusions hold great importance for national CIs operational stability. Due to their well-recognized and documented efficiencies, several literature works have proposed numerous supervised learning techniques for SCADA intrusion detection and classification (IDC). This paper presents a critical review of recent studies whereby supervised learning techniques were modelled for SCADA intrusion solutions. The paper aims to contribute to the state-of-the-art, recognize critical open issues and offer ideas for future studies. The intention is to provide a research-based resource for researchers working on industrial control systems security. The analysis and comparison of different supervised learning techniques for SCADA IDC systems were critically reviewed, in terms of the methodologies, datasets and testbeds used, feature engineering and optimization mechanisms and classification procedures. Finally, we briefly summarized some suggestions and recommendations for future research works.

show abstract

Securing SCADA-based Critical Infrastructures: Challenges and Open Issues

Cited by 40 publications

References 25 publications

Securing Seaport Logistic Vehicles Using a Distributed Ledger-Based Credential Management System

Securing Seaport Logistic Vehicles Using a Distributed Ledger-Based Credential Management System

A Review of Research Work on Network-Based SCADA Intrusion Detection Systems

A Review of Research Works on Supervised Learning Algorithms for SCADA Intrusion Detection and Classification

Contact Info

Product

Resources

About